// package com.example.apigateway.config;
//
// import cn.hutool.core.util.ArrayUtil;
// import com.example.apigateway.component.RestAuthenticationEntryPoint;
// import com.example.apigateway.component.RestfulAccessDeniedHandler;
// import com.example.mallcommon.constant.AuthConstant;
// import lombok.AllArgsConstructor;
// import org.springframework.context.annotation.Bean;
// import org.springframework.context.annotation.Configuration;
// import org.springframework.core.convert.converter.Converter;
// import org.springframework.security.authentication.AbstractAuthenticationToken;
// import org.springframework.security.config.annotation.web.reactive.EnableWebFluxSecurity;
// import org.springframework.security.config.web.server.ServerHttpSecurity;
// import org.springframework.security.oauth2.jwt.Jwt;
// import org.springframework.security.oauth2.server.resource.authentication.JwtAuthenticationConverter;
// import org.springframework.security.oauth2.server.resource.authentication.JwtGrantedAuthoritiesConverter;
// import org.springframework.security.oauth2.server.resource.authentication.ReactiveJwtAuthenticationConverterAdapter;
// import org.springframework.security.web.server.SecurityWebFilterChain;
// import reactor.core.publisher.Mono;
//
// /**
//  * @author yang
//  * 资源服务器配置
//  */
// @AllArgsConstructor
// @Configuration
// @EnableWebFluxSecurity
// public class ResourceServerConfig {
//     private final ReactiveJdbcAuthenticationManager authorizationManager;
//     private final IgnoreUrlsConfig ignoreUrlsConfig;
//     private final RestfulAccessDeniedHandler restfulAccessDeniedHandler;
//     private final RestAuthenticationEntryPoint restAuthenticationEntryPoint;
//
//     @Bean
//     public SecurityWebFilterChain springSecurityFilterChain(ServerHttpSecurity http) {
//         http.oauth2ResourceServer().jwt()
//                 .jwtAuthenticationConverter(jwtAuthenticationConverter());
//         http.authorizeExchange()
//                 //白名单配置
//                 .pathMatchers(ArrayUtil.toArray(ignoreUrlsConfig.getWhiteUrls(),String.class)).permitAll()
//                 //鉴权管理器配置
//                 .anyExchange().access(authorizationManager)
//                 .and().exceptionHandling()
//                 //处理未授权
//                 .accessDeniedHandler(restfulAccessDeniedHandler)
//                 //处理未认证
//                 .authenticationEntryPoint(restAuthenticationEntryPoint)
//                 .and().csrf().disable();
//         return http.build();
//     }
//
//     @Bean
//     public Converter<Jwt, ? extends Mono<? extends AbstractAuthenticationToken>> jwtAuthenticationConverter() {
//         JwtGrantedAuthoritiesConverter jwtGrantedAuthoritiesConverter = new JwtGrantedAuthoritiesConverter();
//         jwtGrantedAuthoritiesConverter.setAuthorityPrefix(AuthConstant.AUTHORITY_PREFIX);
//         jwtGrantedAuthoritiesConverter.setAuthoritiesClaimName(AuthConstant.AUTHORITY_CLAIM_NAME);
//         JwtAuthenticationConverter jwtAuthenticationConverter = new JwtAuthenticationConverter();
//         jwtAuthenticationConverter.setJwtGrantedAuthoritiesConverter(jwtGrantedAuthoritiesConverter);
//         return new ReactiveJwtAuthenticationConverterAdapter(jwtAuthenticationConverter);
//     }
//
// }